NOMISEC-mr-r3bot/WSO2-CVE-2022-29464

NOMISEC WORKING POC

Exploit for CVE-2022-29464 - WSO2 Arbitrary File Upload to RCE

AI Analysis

This exploit PoC for CVE-2022-29464 targets WSO2 Carbon Server by uploading a malicious JSP file to achieve remote code execution. The script sends a POST request to a vulnerable endpoint to deploy the webshell.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 3

https://github.com/mr-r3bot/WSO2-CVE-2022-29464

Stars 2

Forks 1

Last Push Apr 26, 2022

Authors

mr-r3bot

Vulnerability

CVE-2022-29464

WSO2 Arbitrary File Upload to RCE

CRITICAL KEV

CVSS 9.8